Method and system for using an integrated subscriber identity module in a network interface unit

ABSTRACT

Subscriber-associated authentication, authorization and policy control information is stored on a SIM (preprogrammed or user programmed) to facilitate an NIU at a location granting or denying access to a plurality of services when the programmed SIM or virtual SIM resides in the NIU. A provider stores a message in the SIM based on a payment, which determines the level and period of services to be provided. The SIM can be removed and transported among a plurality of NIUs so that paid-for services follow the SIM. 
     Each NIU may receive data from a single source and distribute appropriate telephony, data and video services to telephones, computers and televisions, respectively, based on the level and duration of the services requested by a user/subscriber. Thus, services access and billing are user-associated and location-independent. The SIM can be renewable or disposable, and can be programmed before or after purchase by a subscriber.

This application claims the benefit of priority under 35 U.S.C. 119(e)to the filing date of Craven, U.S. provisional patent application No.60/370,832 entitled “Network Interface Unit (NIU) with IntegratedSubscriber Interface Module (SIM)”, which was filed Apr. 7, 2002, and isincorporated herein by reference in its entirety.

FIELD OF THE INVENTION

The present invention relates to network communication systems. Morespecifically, the present invention relates to using a subscriberIdentity Module (“SIM”) in a network interface unit to allow continuityof services and billing among a plurality of network devices at aplurality of locations.

BACKGROUND

Subscriber Identity Module (“SIM”) (sometimes referred to as asubscriber interface module) technology, which is known in the art, hasbeen used in mobile phone systems to allow users to establish accountinformation in cellular telephones. For example, if a particular userhas a first phone, and then buys another one, a SIM card can be removedfrom the first phone and inserted into the second one, thereby allowingaccount authentication, authorization and policy control information, aswell as billing information, to be transferred from one phone to thenext without the need of canceling the account corresponding to thefirst phone and then having to establish another account for the secondphone. Examples of SIM-stored data include identity and billinginformation of the consumer, ongoing pre-paid usage totals, account andusage history, allowable access criteria, other information necessaryfor network usage and consumer favorites.

In addition to mobile telephone systems, other communication systemsassociate accounts that correspond to a particular user, in order tofacilitate access and billing of the customer. Examples of such servicesinclude cable television, wired or wireless telephony, high-speed dataand or multimedia services, for which a user typically establishes anaccount with the provider of each service. The signals for theseservices, which may be provided by as many different providers as thereare services, typically enter into a dwelling or place of business via acustomer premises Network Interface Unit (“NIU”). An NIU typicallyinterfaces each of these services to a single dwelling unit (“SDU”) or amultiple dwelling unit (“MDU”), or a single converged services portalmay receive signals from a plurality of service providers. Furthermore,these services may all be provided via a single service provider via asingle network source such as, for example, xDSL, FTTx, HFC, fixedwireless, etc, in which case the converged services portal would beused.

Each one of the services may require that a separate account beestablished corresponding thereto. This requires either speaking with arepresentative of each service provider separately to establish theaccount with that a particular provider, or at the least, establish anaccount online, providing credit card information to the provider sothat service level packaging, billing and related procedures can beagreed upon and established. Although this can be burdensome for ahomeowner having just moved in to a new residence, many people realizesuch procedures are a one-time affair, and after the pain is over, tendto forget about the inconvenience. Until if is time to move again; oruntil they decide to buy a second home, such as a retreat in themountains or a house on a beach.

In addition, in today's mobile economy, many people work temporary jobsat locations for durations less than a year, often working at manydifferent locations for a few weeks each during the course of a year.Or, people who have time-share arrangements in resort locations alsotend to desire telephone, data and television services. One of the firstthings one does upon establishing such a new residence is to set upaccounts for desired communication services at the new location(s). Onecan see that after a while, the account establishing process become areal burden. Either they must use the services that are currentlyestablished at the particular location, often paying premium rates forlimited services, or they must establish their own accounts for suchservices. In addition, the setup and account activation costs areprohibitive in comparison to the monthly service rates.

Accordingly, there is a need for a method and system to allow theestablishment of authentication, authorization and policy management ofone information/services account, and for each of the desired serviceswithin the account, such that account subscription and billinginformation can follow the user, thereby allowing the user to access thesubscribed services from a plurality of locations without the need ofestablishing an account or accounts at each location.

SUMMARY

It is an object to provide a method and system that allows thetransporting and handling of user-account authentication, authorizationand policy control information user communications subscription accountinformation from one location to another without the user having toestablish a new and different account at each location. A user canestablish one or more accounts corresponding to one or more services,and store that account information on a SIM device, such as a card. Thecard can then be used in one or more NIU devices that may be located atdifferent locations, one being located at a primary residence, one at asecondary residence, another at a temporary job location and yet anotherat a vacation resort location. Thus, by transferring the card from oneNIU to another, the user will have access to all of the subscribed-toservices at each of the locations, and will not have to establish newaccounts for services at the various locations. By simply removing adevice the size of a credit card from one NIU, transporting it toanother, and then inserting it into the other NIU, the user can quicklyand easily enjoy all of the services for which he or she has subscribed,without having to establish accounts for the same at each location.Furthermore, a single bill, for all the services, or at least a singlebill for each one of the services without the need for two or moretelephone bills, two or more cable television bills, etc., would greatlyreduce the number of bills to keep track of and have to pay each billingcycle, which would probably not be coterminous.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates a system for facilitating transporting user accountinformation from one location to another to obtain desired services at aplurality of locations using a SIM card.

FIG. 2 illustrates a system for facilitating transporting user accountinformation from one location to another to obtain desired services at aplurality of locations using a virtual SIM.

FIG. 3 illustrates a flow diagram of a method for facilitating useraccount information from one location to another to obtain desiredservices at a plurality of locations using a SIM.

DETAILED DESCRIPTION

As a preliminary matter, it will be readily understood by those personsskilled in the art that the present invention is susceptible of broadutility and application. Many methods, embodiments and adaptations ofthe present invention other than those herein described, as well as manyvariations, modifications, and equivalent arrangements, will be apparentfrom or reasonably suggested by the present invention and the followingdescription thereof without departing from the substance or scope of thepresent invention.

Accordingly, while the present invention has been described herein indetail in relation to preferred embodiments, it is to be understood thatthis disclosure is only illustrative and exemplary of the presentinvention and is made merely for the purposes of providing a full andenabling disclosure of the invention. The following disclosure is notintended nor is to be construed to limit the present invention orotherwise to exclude other embodiments, adaptations, variations,modifications and equivalent arrangements, the present invention beinglimited only by the claims appended hereto and the equivalents thereof.

Turning now to the figures, FIG. 1 illustrates a system 2 for using aSIM device 4, such as in the form of a card (it will be appreciated thatthe other forms may be implemented, including a virtual version whereaccount information is downloaded from a provider's server or determinedvia personal physical identity, such as, for example, a fingerprint orother biometric means known in the art), for transporting accountinformation related to communication services from one to another amonga plurality of NIUs 6. A user 8 obtains SIM 4 from a variety of means,preferably from a SIM vending machine 10 that dispenses or reprograms arenewable SIM card when requested services are selected and anappropriate amount of money is inserted into the machine, the amountcorresponding to the type and level of selected services.

The SIMs 4 primary function is the handling of the activation,deactivation, maintenance and conditional access of the services andsub-level services supplied via NIU 6. Information stored in SIM 4 insupport of these services can vary with varying degrees of servicefunctionality. For example, SIM 4 can support high-level services, suchas telephony, as well as sub-level services such as caller ID. Otherexamples of services and sub-level services include: telephony/parentalcontrol, multimedia/ppv and multimedia/favorites, among others. Examplesof data stored on SIM 4 are identity and relative billing information ofuser 8, ongoing pre-paid usage totals, account and usage history,allowable access criteria, other network usage information known in theart and consumer/user favorites.

SIM 4 can be loaded with user-specific information at a location remotefrom NIU 6, such as vending machine 10, or can be loaded withinformation that facilitates a procedure via the NIU to communicate withexternal systems (e.g. activation systems) for programming user-specificinformation. In addition, SIM 4 can provide management of data used bythe NIU related to access, credit, system security, etc. (i.e.subscriber authentication and speech encryption keys, etc.) Examples ofservices facilitated include, but are not limited to, controlled andautomated activation, automated deactivation, pre-paid debit processingrental service credit control, parental control applications,encryption, favorite lists and tier-packaging (i.e., class of service).In addition, user 8 can have access to the data stored on SIM 4 via thestroke of a few keys on a telephone keypad or a TV/PC screen, forexample.

When services have been selected and paid for, the vending machine 10either ejects a new SIM card 4 with authorization for the selectedservices encoded thereon, or ejects a previously used and inserted cardthat has been reprogrammed/renewed. A user would preferably haveincentive to reuse cards, as the amount of money inserted into thevending machine 10 would be lower than if a new card was programmed andejected by the machine.

The vending machine 10 preferably has a user interface, such as acomputer monitor, and means for inputting information thereto, such as,for example, a keyboard or the computer monitor that may be designed fortouch sensitive data entry, both technologies being known in the art.The user selects the services he desires from a list of services offeredby providers the operator of the vending machine 10 has agreements with.and the final cost of the generating or reprogramming is shown beforethe user selects a button that authorizes the programming charges. Thesecharges may be charges to a credit card that the user enters intomachine 10, or, based on a username and password, the predeterminedcredit account may be automatically billed, or the user may choose toinput cash into the machine. In addition, instead of programming orreprogramming a physical card, the service provider may authorize orreauthorize services based on the amount of money provided to machine10, and in response to an identifier, entered by the user, thatcorresponds to the users device. It will be appreciated that SIM card 4may have a unique identifier, such as a serial number, that identifiesthe card, or other SIM device, to the provider's server, rather thanhaving the user input a user name and password, or other identifyinginformation.

When the programming charges have been authorized and/or paid, the SIMcard 4 is programmed and the revised account information is stored tothe selected service provider's central location, such as, for example,a head end or a central office. As known in the art, such a centrallocation 12 may contain one or more server computers that store userinformation in a database 14. Thus, when a user attempts to accessservices through NIU 6, the head end 12 checks information extractedfrom SIM 4 at the NIU, against the same user's account informationstored in database 14. If the account server at the head end 12determines that the user is authorized to access the requested services,the services are provided. If the user is determined to not beauthorized, programming access to the services is denied, and an errormessage sent advising the user that the SIM 4 has not been authorized toaccess the requested services.

The request for services and the sending of the error message, as wellas the providing of the services, is typically transmitted over network16. Network 16 may he any of a variety of network types, including, butnot limited to, the Internet, a community antennae television coaxialnetwork, an optical fiber network, or a wireless network, any and all ofwhich will be known to those skilled in the art.

NIU 6 transmits and receives signals and messages from network 16 andinterfaces with one or more user interface devices, such as, forexample, a computer 18, a telephone 20, a television 22, or a PDA 24.Communication between NIU 6 and these user devices will typically beprovided over local area network (“LAN”) 25, which may be, for example,an Ethernet network or other LAN type that will be known to thoseskilled in the art. NIU 6 will typically have a SIM interface device 26,known in the art, for receiving SIM card 4 and connecting it to theinternal circuitry of the NIU, thereby facilitating the transfer ofstored information from the SIM card to the NIU. Interlace 26 may allowfor external insertion and removal of SIM 4 by a user, or may beinternal to NIU 6 so that insertion and removal is performed by theprovider.

Turning now to FIG. 2, system 27 facilitates the establishing of avirtual SIM in any one or more of NIUs 6. For example, instead of havinga physical SIM device, as shown in FIG. 1, user 8 inputs service requestinformation to kiosk 28, including credit card, or other form ofpayment, account information, including cash inserted into the kioskdevice. Upon verification of the user's identity (either the user is anexisting customer or registered user in the provider's database 14, orthe user establishes a new account and profile with the provider 12),using a username and password, or biometrics, for example, andverification that adequate funds are available, provider 12 downloads amessage 30 to one or more of the NIUs 6. The particular NIUs 6 to whichmessage 30 is sent are NIUs specified by user 8. If user 8 is anexisting customer/subscriber of provider 8, a list a NIUs 6 associatedwith the user may appear as a drop down box, list box, or otherinterface device known in the art. If user 8 is not an existingcustomer, the user will typically enter identifiers of the NIUs 6, theNIU identifier being a serial number, for example, that is not on recordwith the provider 12, from which requested services are to beestablished.

When user 8 attempts to access any of the requested services, such as,for example, a pay-for-view program on television 22 or telephoneservices on telephone 20, NIU 6 would check the information carried bymessage 30 and stored in the NIU to determine if such services areauthorized. Thus, a password or other access control methods known inthe art are not required. This is advantageous because the accesscontrol is provided directly at the NIU 6, rather than having passwordsand other sensitive personal information being transmitted acrossnetwork 16. This saves time, server resources at server 12, and reducesthe chance that the sensitive information could be compromised alongpublic network 16. Furthermore, sensitive information need not evenreside on the NIU 6, because the information carried in message 30 andstored at the NIU is essentially go/no-go (gatekeeping) informationcorresponding to each of the services requested and authorized by theuser. Typically, the only time sensitive information is exposed tonetwork 16 is when user 8 is establishing the services ‘credit’ at kiosk28.

In addition to establishing services credit at kiosk 28, which may belocated in public locations, it will be appreciated that the virtual SIMfunctionality can be requested and established from any of the userdevices connected to LAN 25A, or any other network that is configured totransmit data to provider 12. This includes using a personal computer(“PC”) connected to the Internet at any location. Furthermore, user 8can also speak with a representative on the telephone in person toeither establish a new services account or to replenish and/or alter anexisting account. It will be appreciated that systems and methods knownin the art for providing secure transmitting of information willtypically be used. These include, but are not limited to, hashfunctions, data encryption and secure sockets layer technology, etc.

Turning now to FIG. 3, a flow diagram showing the steps in programming aSIM with desired services and levels thereof, as well as the amount ofmoney (which typically is proportional to the length of givensubscriptions requested and the levels thereof), is illustrated. Thesteps shown are applicable to an aspect that uses a physical SIM as wellas an aspect that uses virtual SIM functionality.

After routine 300 starts at step 302, a user enters a request forservices from a service provider at step 304. This request may beperformed at a stand-alone kiosk in a public location, at the provider'splace of business, or at a variety of remote locations using a varietyinterface devices, such as, for example, a PC, a mobile telephone, alandline telephone, or any other fixed or portable device known in theart, with access to a communication network. As part of the request forservice, the user will typically be queried for an identifier, such as,for example, a username and password, or a biometric identifier, such asa thumbprint, or other such means known in the art. If the SIM has aunique identifier associated with it, the identifier can be used and nofurther identification input would be needed from the user.

At step 306, the service provider checks the user-provided identifier todetermine whether the user has an established account with the provider.This check may he performed manually, such as would be the case if theuser had called the provider's representative using a telephone andverbally placed the request with said representative. The check at step306 may also be performed automatically upon the provider's serverreceiving the user-provided identifier, or the SIM identifier.

Upon receiving the user-provided identifier, if the provider determinesat step 308 that the user does not have an established account a messageis sent to the requesting user at step 310 informing said user that theidentification information does not match any user information currentlystored in the provider's database. The message may further inform therequestor that he or she may elect to establish an account, upon suchelection the routine would return to step 304.

To establish credit at step 304, the user will typically provide billinginformation, such as, for example, a credit card number, name, address,telephone number, etc. In addition, a personal profile, or suite ofservices, may be established, including the services requested, and thelevel and location of these services.

For example, if a household has four televisions, three PCs and fivetelephones (including two separate numbers), the telephone in a child'sroom may have restricted access after a certain time of day, alltelevisions except one may have restricted access to certain channels,and data provided to the PCs may have certain content blocked. Moreover,a user may establish more than one physical location for receivingservices. If a user has a primary and a secondary residence, separateprofiles may be established for each location, the NIU at each locationhaving functionality to provide a NIU identifier, such as, for example,a serial number. If the primary residence is the household describedabove, and the secondary residence is a vacation house on a beach, thebeach house may only have one television and one telephone and no PC.Thus, each profile may be customized for use with a particular NIU,based on the NIU identifier.

Another scenario contemplates that at a particular location, multipleusers may periodically use the same network devices connected to thesame NIU. Such would be the case with a time-share condominium, forexample. If the condominium has a different user every week, month orother period of time, each user may have their own SIM, or virtual SIM,associated with their billing account and preferred suite of services.Thus, temporary service does not have to be established for each userbefore the condominium usage period begins, and cancelled after tireperiod ends.

After the provider has determined that the requestor has an establishedaccount, the provider determines whether the requestor has sufficientpayment capability based on the currently established payment andbilling information at step 312. The established customer with anestablished account may have credit existing in the services account.This scenario may arise when an existing customer wishes to change thepreferences indicated in the one or more profiles associated with thatuser. If the established user does not have sufficient credit, or if averification check of a new user's credit card account (or other paymentmeans) indicates that the billing information does not have sufficientcredit or the account number or billing address is incorrect, then amessage is sent at step 314 to the user informing him or her that eitheran authorization to charge additional funds must be made, or a differentmeans of payment must be provided.

If the account has sufficient funds for the requested change inservices, the provider performs a financial transaction with theuser-provided and authorized financial institution, debiting the user'saccount at step 316. When the provider has determined that: sufficientfunds have been, or will be, transferred to the provider in connectionwith the user's request, then the provider downloads a message to theuser's SIM means at step 318. As discussed above, the user's SIM meansmay be an actual SIM card or other physical device that contains memoryand possibly processing means, or SIM card functionality may beimplemented in software and/or firmware within an NIU, thisfunctionality being referred to as a ‘virtual SIM.’ The downloading ofthe message at step 318 will typically be performed over a securenetwork, as credit having a cash value with respect to a provider willbe established in the SIM means at step 320.

This credit can then be used at step 322 by an NIU into which the SIMmeans is inserted, or resides, to grant access to the services requestedat step 304. Alternatively, if the SIM is a virtual SIM, the NIU withrespect to which the credit has been requested can grant access to therequested services as long as the credit established at step 322 has notexpired or been consumed.

It will be appreciated by those skilled in the art that the SIM card mayalso be non-renewable, this type typically being purchased in prepaidcash amounts for predetermined services, such as telephony. While thistype of SIM card may not be flexible with respect to the suite ofservices and the customization thereof, ease of use is provided. Forexample, in the condominium example described above, the only servicehaving a variable cost, based upon usage level, may be telephony, cabletelevision, for example, being a fixed amount that can be easilycalculated into the price of ownership/rental. The same would apply totelephony services in a hotel. Thus, a prepaid card that only authorizestelephony may be desirable.

These and many other objects and advantages will be readily apparent toone skilled in the art from the foregoing specification when read inconjunction with the appended drawings. It is to be understood that theembodiments herein illustrated are examples only, and that the scope ofthe invention is to be defined solely by the claims when accorded a fullrange of equivalents.

1-40. (canceled)
 41. A system for providing portability of subscriptionservices associated with a particular user among a plurality of userdevices that are located at each of a plurality of physical locationscoupled to a communication network comprising: a SIM device for storinguser-associated information; a network interface unit at each of theplurality of physical locations that provides an interface between thecommunication network and the corresponding user devices coupledthereto; and a an SIM interface coupled to the network interface unitthat can receive the SIM device and transfer therefrom theuser-associated information to the network interface unit so that thesubscription services of the user can be accessed at any one of the atleast one network interface units at the corresponding physicallocation.
 42. The system of claim 41 wherein the SIM device is a SIMcard.
 43. The system of claim 41 wherein the SIM device is a virtualSIM.
 44. The system of claim 41 wherein the SIM interface is a slottedSIM card reader.
 45. The system of claim 41 wherein the SIM interface isa socket for receiving the SIM means, the socket being internal to thenetwork interface unit.
 46. The system of claim 41 further comprising adevice for programming the SIM.
 47. The system of claim 47 wherein theprogramming device is a vending machine.
 48. The system of claim 46wherein the programming device is operated by a service provider. 49.The system of claim 43 wherein the virtual SIM is facilitated bysoftware stored in the network interface unit.
 50. The system of claim49 wherein the software is programmed with a downloaded message from aprovider, the message being generated in response to a request by asubscriber.
 51. The system of claim 50 wherein the request is made usinga telephone.
 52. The system of claim 50 wherein the request is madeusing a PC.
 53. The system of claim 41 wherein the SIM device includes aunique identifier that identifies said SIM.
 54. The system of claim 53wherein a services provider identifies a user-account based on theunique identifier.
 55. A method for accessing a suite of subscriptionservices at a user device coupled to a network interface unitscomprising: receiving a request for the services; receiving informationfor payment for the suite of services; generating a message that creditfor the suite of services has been granted; storing to a SIM device themessage that credit for the suite of services has been granted; andgranting access to the requested services at the network interface unitbased on the credit message stored therein.
 56. The method of claim 55wherein the services include restrictions on usage of the servicesbetween certain times of the day.
 57. The method of claim 55 wherein thedifferent levels of service are provided to different rooms in ahousehold.
 58. The method of claim 55 further comprising granting ordenying access to services based on the credit message.
 59. The methodof claim 58 wherein soft dial tone is always available on telephonyequipment connected to the network interface unit regardless of whetherthe credit message grants access to requested services.
 60. A method forproviding portability of a suite of subscription services between aplurality of network interface units, comprising: processing a requestfor the services received from a user device coupled to one of thenetwork interface units, the request containing a unique identifierretrieved from and corresponding to a SIM device coupled to the one ofthe network interface units; processing account and billing informationto be used for payment of the services, the account and billinginformation being received from the SIM device coupled to the one of thenetwork interface unit; generating a credit message that credit for thesuite of services has been granted, the message being capable ofauthorizing the network interface unit to grant access to any of therequested services when the SIM device is used in the network interfaceunit; and downloading the credit message to the SIM device.
 61. Themethod of claim 60 wherein the SIM device does not grant access to allof the requested services at a given user device coupled to the networkinterface device based on a subscriber profile that restricts access tocertain content at the given user device.